Why choose the cCA certification authority?

The certification authority in the public key infrastructure is a comprehensive system that plays a crucial role in ensuring the security of electronic communication and the authenticity of information in the digital environment. It is an entity responsible for issuing, managing, verifying, revoking public key certificates, and publishing Certificate Revocation Lists (CRLs).

Organizations worldwide actively utilize certification authorities to secure their electronic communication and ensure the integrity of information in the digital environment.

Discover the certification authority from Cryptive

The main advantages of the cCA solution are:


The security of our product is an absolute priority, and we do not accept any compromises in this area. Therefore, we pay special attention to code quality and provide advice on secure cCA implementation.


We systematically ensure adaptation so that digital certificates generated by cCA may include instructions outlined in the eIDAS regulation and comply with the guidelines of the CA/B Forum.

Dedicated support

Our team of specialists is available to provide personalized support in case of issues or questions. Experienced experts not only resolve current issues but also offer full understanding and assistance in answering questions.

SaaS or On-Premise

We offer two options according to your preferences and needs. Choose the SaaS model to use our solution in the cloud, or opt for the On-Premise model to have fuller control and customization of our solution to fit the specifics of your infrastructure.


The flexibility of our solution is reflected in the ability to adapt to the unique requirements of your organization, regardless of the industry's specifics or the scale of the project.

Easy integration

The API has been optimized for easy implementation, even without advanced programming knowledge. Integrating the features into the client's system is intuitive, allowing for quick deployment without unnecessary complications.

cCA connects to and stores CA keys using Hardware Security Modules (HSMs)

Hardware Security Modules (HSMs) play a crucial role in enhancing the security of the Public Key Infrastructure (PKI) by providing a secure environment for storing and safeguarding cryptographic keys. Cryptographic material, represented by keys, is managed and stored separately from the operating system, significantly reducing the risk of compromising the private key of the CA, which could potentially lead to a violation of the certificate chain structure in the certification path.

Cross-Platform Compatibility and Support for x86 and ARM Architectures

Thanks to cross-platform support and compatibility with x86 and ARM architectures, the application becomes flexible in adapting to different environments. Proper compatibility with Windows, Linux, and x86 and ARM processor architectures provides users with a wide range of possibilities, eliminating potential issues with adaptation to various platforms.

Supported operating systems from the Windows family

  • Windows 10 64-bit is supported by x86 or ARM processors.
  • Windows 11 64-bit is supported by x86 or ARM processors.
  • Windows Server 2019 64-bit is supported by x86 processors.
  • Windows Server 2022 64-bit is supported by x86 processors.

Supported operating systems from the Linux family

  • Debian 11 64-bit is supported on x86 or ARM processors.
  • Debian 12 64-bit is supported on x86 or ARM processors.
  • Ubuntu 22.04 LTS 64-bit is supported on x86 or ARM processors.
API working graphics

Supported Cryptographic APIs

Within the cCA system, we support two key Cryptographic Application Programming Interfaces (APIs): PKCS #11 and CryptoAPI.

PKCS #11 is a standard Cryptographic Application Programming Interface for cryptographic devices, enabling secure cryptographic operations using hardware. It is a crucial element facilitating communication with secure Hardware Security Modules (HSMs).

On the other hand, CryptoAPI provides applications with the ability to use various cryptographic services available in the Windows operating system.

Frequently Asked Questions

Concerning the Certification Authority (CA):

What is a Certification Authority (CA)?

A Certification Authority (CA) is a key component of the public key infrastructure, playing a crucial role in ensuring the security of electronic communication and the authenticity of information in the digital environment. The CA acts as an authority responsible for issuing, signing, storing, and managing digital certificates, including the signing of certificate requests, revocation of public key certificates, and the publication of the Certificate Revocation List (CRL).

What is a Certificate Signing Request (CSR)?

A Certificate Signing Request (CSR) is a set of information encoded, typically in PEM (Privacy Enhanced Mail) or DER (Distinguished Encoding Rules) format. It includes the public key, data identifying its user, and additional information. The CSR itself is signed by the private key of the entity applying for a digital certificate. After creating the CSR, the user can submit it to the Certificate Authority (CA) for signing the Certificate Signing Request and obtaining a digital certificate.

What is a digital certificate?

A digital certificate, often referred to as a public key certificate, plays a crucial role in the field of cybersecurity, especially in the context of Public Key Infrastructure (PKI). This document serves as an electronic seal confirming the authenticity and identity of an entity that possesses a public key. Through digital certificates, secure establishment of connections, user authentication, digital document signing, and ensuring data integrity become possible. In this way, public key certificates constitute a key element supporting secure usage of information technology in today's digital world.

What is a Certificate Revocation List (CRL)?

The Certificate Revocation List (CRL) is a regularly updated registry of serial numbers of certificates that have been revoked or suspended by their issuer, the Certification Authority (CA). Revocation of certificates can result from various reasons, such as the compromise of the private key. The responsibility for generating and publishing the CRL lies with the CA.

What is the Online Certificate Status Protocol (OCSP)?

The Online Certificate Status Protocol (OCSP) is a tool used in the public key infrastructure (PKI) to verify the current validity status of a digital certificate in real-time. Instead of relying on Certificate Revocation Lists (CRLs), which are regularly published, OCSP allows querying the current status of a certificate without the need to download the entire list. This is particularly crucial for performance, especially when the CRL contains many revocation entries, leading to a significant size. In contrast, OCSP responses are much smaller in size.

Contact us if you have questions or need more information about our cCA solution. Our team is ready to assist and provide comprehensive information.

All rights reserved to Cryptive Krzysztof Osiński – 2023

Follow us on